CISSP · Question #787
Which of the following is the MOST crucial for a successful audit plan?
The correct answer is A. Defining the scope of the audit to be performed. An audit is an independent and objective examination of an organization's activities, systems, processes, or controls to evaluate their adequacy, effectiveness, efficiency, and compliance with applicable standards, policies, laws, or regulations. An audit plan is a document that
Question
Options
- ADefining the scope of the audit to be performed
- BIdentifying the security controls to be implemented
- CWorking with the system owner on new controls
- DAcquiring evidence of systems that are not compliant
How the community answered
(18 responses)- A89% (16)
- B6% (1)
- C6% (1)
Explanation
An audit is an independent and objective examination of an organization's activities, systems, processes, or controls to evaluate their adequacy, effectiveness, efficiency, and compliance with applicable standards, policies, laws, or regulations. An audit plan is a document that outlines the objectives, scope, methodology, criteria, schedule, and resources of an audit. The most crucial element of a successful audit plan is defining the scope of the audit to be performed, which is the extent and boundaries of the audit, such as the subject matter, the time period, the locations, the departments, the functions, the systems, or the processes to be audited. The scope of the audit determines what will be included or excluded from the audit, and it helps to ensure that the audit objectives are met and the audit resources are used efficiently and effectively. Identifying the security controls to be implemented, working with the system owner on new controls, and acquiring evidence of systems that are not compliant are all important tasks in an audit, but they are not the most crucial for a successful audit plan, as they depend on the scope of the audit to be defined first.
Topics
Community Discussion
No community discussion yet for this question.